CIS OVAL Repository0.15.11.22018-12-19T08:22:25Cisco ASA VPN Denial of Service VulnerabilityCisco ASAA vulnerability in the VPN authentication code that handles parsing of the username from the certificate on the Cisco ASA firewall could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to parallel processing of a large number of Internet Key Exchange (IKE) requests for which username-from-cert is configured. An attacker could exploit this vulnerability by sending a large number of IKE requests when the affected device is configured with the username-from-cert command. An exploit could allow the attacker to cause a reload of the affected device, leading to a denial of service (DoS) condition.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco ASA Challenge-Response Tunnel Group Selection Bypass VulnerabilityCisco ASAA vulnerability in the authentication code of Cisco ASA Software could allow an authenticated, remote attacker to access resources of a VPN tunnel group. The vulnerability is due to improper implementation of the tunnel group selection when a user authenticates to the remote access VPN via the challenge-response mechanism. This vulnerability may affect Cisco ASA configured to authenticate remote access VPN users via LDAP, RADIUS, TACACS+, and RSA if a challenge-response is needed for authentication. Cisco ASA Software configured for Clientless or AnyConnect SSL VPN is affected by this vulnerability. An attacker could exploit this vulnerability by crafting a response to the Cisco ASA with a different tunnel group parameter. A successful exploit could allow the attacker to bypass the tunnel group restriction and authenticate to a different tunnel group than the one selected during the authentication phase. This could result in accessing a different set of resources.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco ASA Local Path Inclusion VulnerabilityCisco ASAA vulnerability in the function that exports environment variables of Cisco ASA Software could allow an authenticated, local attacker to inject a malicious library and take complete control of the system. The vulnerability is due to improper setting of the LD_LIBRARY_PATH environment. An attacker could exploit this vulnerability by copying a malicious library onto the affected system's external memory and triggering a reload of the system. An exploit could allow the attacker to force the affected system to load a malicious library and access the underlying Linux OS, which could lead to a full compromise of the system.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco Adaptive Security Appliance VPN Memory Block Exhaustion VulnerabilityCisco ASAA vulnerability in the IPsec code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service (DoS) condition. The vulnerability is due to an error in the implementation of ICMP error handling for IPsec packets. An attacker could exploit this vulnerability by sending crafted packets through an established LAN-to-LAN or Remote Access VPN tunnel. A successful exploit could allow the attacker to deplete available memory and cause system instability or cause the system to stop forwarding traffic.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco ASA Unicast Reverse Path Forwarding (uRPF) Bypass VulnerabilityCisco ASAA vulnerability in the Unicast Reverse Path Forwarding (uRPF) feature in the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to bypass the uRPF validation checks. The vulnerability is due to incorrect uRPF validation where IP packets from an outside interface, whose IP address is both in the ASA routing table and associated with an internal interface, are not dropped. An attacker could exploit this vulnerability by sending spoofed IP packets to the ASA in a subnet range that should be dropped. An exploit could allow the attacker to bypass uRPF validation on the ASA and the packet will be incorrectly forwarded on the internal network.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco ASA Identity Firewall Feature Buffer Overflow VulnerabilityCisco ASAA vulnerability in the Identity Firewall feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco Adaptive Security Appliance (ASA) Software OSPFv2 Denial of Service VulnerabilityCisco ASAA vulnerability in the Open Shortest Path First version 2 (OSPFv2) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, adjacent attacker to cause the reload of the affected system. The vulnerability is due to improper handling of OSPFv2 packets. An attacker could exploit this vulnerability by sending crafted packets to the affected system. A successful exploit could cause the system to crash, resulting in a denial of service (DoS) condition.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco ASA Software and Cisco FTD Software TCP Normalizer Denial of Service VulnerabilityCisco ASAA vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition. The vulnerability is due to improper limitation of the global out-of-order TCP queue for specific block sizes. An attacker could exploit this vulnerability by sending a large number of unique permitted TCP connections with out-of-order segments. An exploit could allow the attacker to exhaust available blocks in the global out-of-order TCP queue, causing the dropping of any further incoming traffic on all interfaces and resulting in a DoS condition.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco Adaptive Security Appliance Information Disclosure VulnerabilityCisco ASAA vulnerability in the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to access sensitive data, including the ASA Software version that is currently running on the appliance. The vulnerability occurs because the Cisco ASA does not sufficiently protect sensitive data during a Cisco AnyConnect client authentication attempt. An attacker could exploit the vulnerability by attempting to authenticate to the Cisco ASA with AnyConnect.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11SQL*Net Inspection Engine Denial of Service VulnerabilityCisco ASAA vulnerability in SQL*Net inspection engine code could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of segmented Transparent Network Substrate (TNS) packets. An attacker could exploit this vulnerability by sending a crafted sequence of segmented TNS packets through the affected system.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco ASA Software DHCP Relay Denial of Service VulnerabilityCisco ASAA vulnerability in the DHCP Relay feature of Cisco ASA Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition by causing an interface wedge. The vulnerability is due to improper handling of resources linked with the DHCP Relay feature. An attacker could exploit this vulnerability by sending DHCP packets at specific rates. An exploit could allow an attacker to cause an interface to become wedged, and stop processing incoming traffic. Once this state is reached, restoration of service can only be achieved by reloading the device.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco ASA Information Disclosure VulnerabilityCisco ASAA vulnerability in the authorization code of Cisco ASA Software could allow an authenticated, remote attacker to access information stored on the file system of an affected system. The vulnerability is due to improper implementation of authorization controls when an unprivileged user tries to access files stored on the file system. This vulnerability can be exploited after authentication and only if HTTP server is enabled. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. If the Cisco ASA is configured in multiple context mode, only the user of the admin context will be able to exploit this vulnerability. An exploit could allow the attacker to access files stored on the device file system, which may include the running configuration.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco ASA Software SharePoint RAMFS Integrity and Lua Injection VulnerabilityCisco ASAA vulnerability in the SSL VPN code of Cisco ASA Software could allow an authenticated, remote attacker to overwrite arbitrary files present on the RAMFS file system or inject Lua scripts. The vulnerability is due to insufficient validation of the code that handles session information for the SSL VPN when a SharePoint handler is created. A SharePoint handler is created when a valid SharePoint connection is initiated. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected system. The SSL VPN feature must be configured for the system to be vulnerable. An exploit could allow the attacker to overwrite arbitrary files on the RAMFS cache or inject Lua scripts, causing a denial of service (DoS) condition for the Clientless SSL VPN portal or causing the system to reload. This vulnerability was reported to Cisco by Alec Stuart-Muirk.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11Cisco Adaptive Security Appliance RADIUS Change of Authorization Message Replay VulnerabilityCisco ASAA vulnerability in RADIUS Change of Authorization (CoA) messages of the Identity Firewall (IDFW) feature of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to modify the contents of the IDFW user cache. The vulnerability is due to insufficient validation of received RADIUS CoA messages. An attacker could exploit this vulnerability by replaying crafted RAIDUS CoA messages. An exploit could allow the attacker to modify the IDFW user cache of the ASA.David RiesDRAFTINTERIMACCEPTEDACCEPTED5.11show aaa-servershow running-config tunnel-group general-attributesshow service-policy | include sqlnetshow running-config9.3(2)^\s*anyconnect^\s*http server enableusername-from-certificateip verify reverse-path interface[Ff][Ii][Rr][Ee][Pp][Oo][Ww][Ee][Rr]Server Protocol:\s*([Ss][Dd][Ii]|[Rr][Aa][Dd][Ii][Uu][Ss]|[Ll][Dd][Aa][Pp]|[Tt][Aa][Cc][Aa][Cc][Ss])sqlnetset validate-icmp-errors^\s*no http server enableauthentication-server-group\s+(?!LOCAL)\w+\s*user-identity logout-probe netbios^\s*(ipv6 )?router ospf^\s*dhcprelay enable^\s*user-identity enable^\s*webvpn9.3(1.50)9.3(2.100)9.3(3)9.4(1)8.4(7.29)9.1(7.4)8.0(1.2)8.0(2)8.0(2.11)8.0(2.15)8.0(3)8.0(3.12)8.0(3.19)8.0(3.6)8.0(4)8.0(4.16)8.0(4.23)8.0(4.25)8.0(4.28)8.0(4.3)8.0(4.31)8.0(4.32)8.0(4.33)8.0(4.9)8.0(5)8.0(5.20)8.0(5.23)8.0(5.25)8.0(5.27)8.0(5.28)8.0(5.31)8.1(0.104)8.1(1)8.1(1.6)8.1(2)8.1(2.13)8.1(2.15)8.1(2.16)8.1(2.19)8.1(2.23)8.1(2.24)8.1(2.49)8.1(2.50)8.1(2.55)8.1(2.56)8.2(0.45)8.2(1)8.2(1.11)8.2(2)8.2(2.10)8.2(2.12)8.2(2.16)8.2(2.17)8.2(2.9)8.2(3)8.2(4)8.2(4.1)8.2(4.4)8.2(5)8.2(5.13)8.2(5.22)8.2(5.26)8.2(5.33)8.2(5.40)8.2(5.41)8.2(5.46)8.2(5.48)8.2(5.50)8.2(5.52)8.2(5.55)8.2(5.57)8.2(5.59)8.3(1)8.3(1.1)8.3(1.4)8.3(1.6)8.3(2)8.3(2.13)8.3(2.23)8.3(2.25)8.3(2.31)8.3(2.33)8.3(2.34)8.3(2.37)8.3(2.39)8.3(2.4)8.3(2.40)8.3(2.41)8.3(2.44)8.4(0)8.4(1)8.4(1.11)8.4(1.3)8.4(2)8.4(2.1)8.4(2.8)8.4(3)8.4(3.8)8.4(3.9)8.4(4)8.4(4.1)8.4(4.3)8.4(4.5)8.4(4.9)8.4(5)8.4(5.6)8.4(6)8.4(7)8.4(7.15)8.4(7.22)8.4(7.23)8.4(7.26)8.4(7.28)8.4(7.29)8.4(7.3)8.5(1)8.5(1.1)8.5(1.14)8.5(1.17)8.5(1.18)8.5(1.19)8.5(1.21)8.5(1.24)8.5(1.6)8.5(1.7)8.6(1)8.6(1.1)8.6(1.10)8.6(1.12)8.6(1.13)8.6(1.14)8.6(1.17)8.6(1.2)8.6(1.5)8.7(1)8.7(1.1)8.7(1.11)8.7(1.13)8.7(1.16)8.7(1.17)8.7(1.3)8.7(1.4)8.7(1.7)8.7(1.8)9.0(1)9.0(2)9.0(2.10)9.0(3)9.0(3.6)9.0(3.8)9.0(4)9.0(4.1)9.0(4.17)9.0(4.20)9.0(4.24)9.0(4.26)9.0(4.29)9.0(4.33)9.0(4.35)9.0(4.37)9.0(4.40)9.0(4.42)9.0(4.5)9.0(4.7)9.1(1)9.1(1.4)9.1(2)9.1(2.8)9.1(3)9.1(3.2)9.1(4)9.1(4.5)9.1(5)9.1(5.10)9.1(5.12)9.1(5.15)9.1(5.21)9.1(6)9.1(6.1)9.1(6.10)9.1(6.4)9.1(6.6)9.1(6.8)9.1(7.11)9.1(7.12)9.1(7.4)9.1(7.6)9.1(7.7)9.1(7.9)9.2(0.0)9.2(0.104)9.2(1)9.2(2)9.2(2.4)9.2(2.7)9.2(2.8)9.2(3)9.2(3.1)9.2(3.3)9.2(3.4)9.2(4)9.2(4.10)9.2(4.13)9.2(4.14)9.2(4.16)9.2(4.17)9.2(4.2)9.2(4.4)9.2(4.8)9.3(1)9.3(1.1)9.3(1.105)9.3(1.50)9.3(2)9.3(2.100)9.3(2.2)9.3(2.243)9.3(3)9.3(3.1)9.3(3.10)9.3(3.11)9.3(3.2)9.3(3.5)9.3(3.6)9.3(3.9)9.3(5)9.4(0.115)9.4(1)9.4(1.1)9.4(1.2)9.4(1.3)9.4(1.5)9.4(2)9.4(2.3)9.4(3)9.4(3.11)9.4(3.12)9.4(3.3)9.4(3.4)9.4(3.6)9.4(3.8)9.4(4)9.5(1)9.5(2)9.5(2.10)9.5(2.14)9.5(2.6)9.5(3)9.5(3.2)9.5(3.3)9.6(0)9.6(1)9.6(1.10)9.6(1.3)9.6(1.5)9.6(2)9.6(2.1)9.6(2.2)9.6(2.3)8.2(0.45)8.2(1)8.2(1.11)8.2(2)8.2(2.10)8.2(2.12)8.2(2.16)8.2(2.17)8.2(2.9)8.2(3)8.2(4)8.2(4.1)8.2(4.4)8.2(5)8.2(5.13)8.2(5.22)8.2(5.26)8.2(5.33)8.2(5.40)8.2(5.41)8.2(5.46)8.2(5.48)8.2(5.50)8.3(1)8.3(1.1)8.3(1.4)8.3(1.6)8.3(2)8.3(2.13)8.3(2.23)8.3(2.25)8.3(2.31)8.3(2.33)8.3(2.34)8.3(2.37)8.3(2.39)8.3(2.4)8.3(2.40)8.3(2.41)8.4(1)8.4(1.11)8.4(1.3)8.4(2)8.4(2.1)8.4(2.8)8.4(3)8.4(3.8)8.4(3.9)8.4(4)8.4(4.1)8.4(4.3)8.4(4.5)8.4(4.9)8.4(5)8.4(5.6)8.4(6)8.4(7)8.4(7.15)8.4(7.22)8.4(7.23)8.4(7.3)8.6(1)8.6(1.1)8.6(1.10)8.6(1.12)8.6(1.13)8.6(1.14)8.6(1.2)8.6(1.5)9.0(1)9.0(2)9.0(2.10)9.0(3)9.0(3.6)9.0(3.8)9.0(4)9.0(4.1)9.0(4.17)9.0(4.20)9.0(4.24)9.0(4.5)9.0(4.7)9.1(1)9.1(1.4)9.1(2)9.1(2.8)9.1(3)9.1(3.2)9.1(4)9.1(4.5)9.1(5)9.1(5.10)9.1(5.12)9.1(5.15)9.2(1)9.2(2)9.2(2.4)9.2(2.7)9.2(2.8)9.2(3)8.4(0)8.4(2)8.4(2.1)8.4(2.8)8.4(3)8.4(3.8)8.4(3.9)8.4(4)8.4(4.1)8.4(4.3)8.4(4.5)8.4(4.9)8.4(5)8.4(5.6)8.4(6)8.4(7)8.4(7.15)8.4(7.22)8.4(7.23)8.4(7.26)8.4(7.28)8.4(7.29)8.4(7.3)8.5(1)8.5(1.1)8.5(1.14)8.5(1.17)8.5(1.18)8.5(1.19)8.5(1.21)8.5(1.24)8.5(1.6)8.5(1.7)8.6(1)8.6(1.1)8.6(1.10)8.6(1.12)8.6(1.13)8.6(1.14)8.6(1.17)8.6(1.2)8.6(1.5)8.7(1)8.7(1.1)8.7(1.11)8.7(1.13)8.7(1.16)8.7(1.17)8.7(1.3)8.7(1.4)8.7(1.7)8.7(1.8)9.0(1)9.0(2)9.0(2.10)9.0(3)9.0(3.6)9.0(3.8)9.0(4)9.0(4.1)9.0(4.17)9.0(4.20)9.0(4.24)9.0(4.26)9.0(4.29)9.0(4.33)9.0(4.35)9.0(4.37)9.0(4.5)9.0(4.7)9.1(1)9.1(1.4)9.1(2)9.1(2.8)9.1(3)9.1(3.2)9.1(4)9.1(4.5)9.1(5)9.1(5.10)9.1(5.12)9.1(5.15)9.1(5.21)9.1(6)9.1(6.1)9.1(6.10)9.1(6.4)9.1(6.6)9.1(6.8)9.1(7.4)9.2(0.0)9.2(0.104)9.2(1)9.2(2)9.2(2.4)9.2(2.7)9.2(2.8)9.2(3)9.2(3.1)9.2(3.3)9.2(3.4)9.2(4)9.2(4.2)9.2(4.4)9.3(1)9.3(1.1)9.3(1.105)9.3(1.50)9.3(2)9.3(2.100)9.3(2.2)9.3(2.243)9.3(3)9.3(3.1)9.3(3.2)9.3(3.5)9.3(3.6)9.3(5)9.4(0.115)9.4(1)9.4(1.1)9.4(1.2)9.4(1.3)9.4(1.5)9.4(2)9.4(2.3)9.5(1)9.5(2)9.6(0)9.6(1)8.4(0)8.4(1)8.4(1.11)8.4(1.3)8.4(2)8.4(2.1)8.4(2.8)8.4(3)8.4(3.8)8.4(3.9)8.4(4)8.4(4.1)8.4(4.3)8.4(4.5)8.4(4.9)8.4(5)8.4(5.6)8.4(6)8.4(7)8.4(7.15)8.4(7.22)8.4(7.23)8.4(7.26)8.4(7.28)8.4(7.29)8.4(7.3)8.4(1)8.4(1.11)8.4(1.3)8.4(2)8.4(2.1)8.4(2.8)8.4(3)8.4(3.8)8.4(3.9)8.4(4)8.4(4.1)8.4(4.3)8.4(4.5)9.0(1)9.0(2)9.0(2.10)9.0(3)9.0(3.6)9.0(3.8)9.0(4)9.0(4.1)9.0(4.17)9.0(4.20)9.0(4.24)9.0(4.26)9.0(4.29)9.0(4.33)9.0(4.35)9.0(4.37)9.0(4.5)9.0(4.7)9.1(1)9.1(1.4)9.1(2)9.1(2.8)9.1(3)9.1(3.2)9.1(4)9.1(4.5)9.1(5)9.1(5.10)9.1(5.12)9.1(5.15)9.1(5.21)9.1(6)9.1(6.1)9.1(6.4)9.1(6.6)9.1(6.8)9.2(0.0)9.2(0.104)9.2(1)9.2(2)9.2(2.4)9.2(2.7)9.2(2.8)9.2(3)9.2(3.1)9.2(3.3)9.2(3.4)9.2(4)9.3(1)9.3(1.1)9.3(1.105)9.3(1.50)9.3(2)9.3(2.100)9.3(2.2)9.3(2.243)9.3(3)9.3(3.1)9.3(3.2)9.3(3.5)9.3(3.6)9.4(0.115)9.4(1)9.4(1.1)9.4(1.2)9.4(1.3)9.4(1.5)9.5(1)8.4(1)8.4(1.11)8.4(1.3)8.4(2)8.4(2.1)8.4(2.8)8.4(3)8.4(3.8)8.4(3.9)8.4(4)8.4(4.1)8.4(4.3)8.4(4.5)8.4(4.9)8.4(5)8.4(5.6)8.4(6)8.4(7)8.5(1)8.5(1.1)8.5(1.14)8.5(1.17)8.5(1.18)8.5(1.6)8.5(1.7)8.6(1)8.6(1.1)8.6(1.10)8.6(1.12)8.6(1.2)8.6(1.5)8.7(1)8.7(1.1)8.7(1.3)8.7(1.4)8.7(1.7)9.0(1)9.0(2)9.0(2.10)9.0(3)9.0(3.6)9.1(1)9.1(1.4)9.1(2)9.1(2.8)9.1(3)8.0(4.16)8.0(4.23)8.0(4.25)8.0(4.28)8.0(4.31)8.0(4.32)8.0(4.33)8.0(4.9)8.0(5)8.0(5.20)8.0(5.23)8.0(5.25)8.0(5.27)8.0(5.28)8.0(5.31)8.2(0.45)8.2(1)8.2(1.11)8.2(2)8.2(2.10)8.2(2.12)8.2(2.16)8.2(2.17)8.2(2.9)8.2(3)8.2(4)8.2(4.1)8.2(4.4)8.2(5)8.2(5.13)8.2(5.22)8.2(5.26)8.2(5.33)8.2(5.40)8.2(5.41)8.2(5.46)8.2(5.48)8.3(1)8.3(1.1)8.3(1.4)8.3(1.6)8.3(2)8.3(2.13)8.3(2.23)8.3(2.25)8.3(2.31)8.3(2.33)8.3(2.34)8.3(2.37)8.3(2.39)8.3(2.4)8.3(2.40)8.4(1)8.4(1.11)8.4(1.3)8.4(2)8.4(2.1)8.4(2.8)8.4(3)8.4(3.8)8.4(3.9)8.4(4)8.4(4.1)8.4(4.3)8.4(4.5)8.4(4.9)8.4(5)8.4(5.6)8.4(6)8.4(7)8.4(7.15)8.4(7.3)8.5(1)8.5(1.1)8.5(1.14)8.5(1.17)8.5(1.18)8.5(1.19)8.5(1.6)8.5(1.7)8.6(1)8.6(1.1)8.6(1.10)8.6(1.12)8.6(1.13)8.6(1.2)8.6(1.5)8.7(1)8.7(1.1)8.7(1.11)8.7(1.3)8.7(1.4)8.7(1.7)8.7(1.8)9.0(1)9.0(2)9.0(2.10)9.0(3)9.0(3.6)9.0(3.8)9.0(4)9.0(4.1)9.0(4.5)9.1(1)9.1(1.4)9.1(2)9.1(2.8)9.1(3)9.1(3.2)9.1(4)9.1(4.5)9.1(5)7.0(1)7.0(1.4)7.0(2)7.0(3)7.0(4)7.0(4.2)7.0(5)7.0(5.12)7.0(6)7.0(6.18)7.0(6.22)7.0(6.26)7.0(6.29)7.0(6.32)7.0(6.4)7.0(6.8)7.0(7)7.0(7.1)7.0(7.12)7.0(7.4)7.0(7.9)7.0(8)7.0(8.12)7.0(8.13)7.0(8.2)7.0(8.8)7.1(2)7.1(2.16)7.1(2.20)7.1(2.24)7.1(2.28)7.1(2.38)7.1(2.42)7.1(2.46)7.1(2.49)7.1(2.53)7.1(2.61)7.1(2.64)7.1(2.72)7.1(2.81)7.2(1)7.2(1.13)7.2(1.19)7.2(1.24)7.2(1.9)7.2(2)7.2(2.10)7.2(2.14)7.2(2.18)7.2(2.19)7.2(2.22)7.2(2.34)7.2(2.6)7.2(3)7.2(3.1)7.2(3.12)7.2(3.16)7.2(4)7.2(4.18)7.2(4.25)7.2(4.27)7.2(4.30)7.2(4.33)7.2(4.6)7.2(4.9)7.2(5)7.2(5.10)7.2(5.2)7.2(5.4)7.2(5.7)7.2(5.8)8.0(1.2)8.0(2)8.0(2.11)8.0(2.15)8.0(3)8.0(3.12)8.0(3.19)8.0(3.6)8.0(4)8.0(4.16)8.0(4.23)8.0(4.25)8.0(4.28)8.0(4.3)8.0(4.31)8.0(4.32)8.0(4.33)8.0(4.9)8.0(5)8.0(5.20)8.0(5.23)8.0(5.25)8.0(5.27)8.0(5.28)8.0(5.31)8.1(1)8.1(1.6)8.1(2)8.1(2.13)8.1(2.15)8.1(2.16)8.1(2.19)8.1(2.23)8.1(2.24)8.1(2.49)8.1(2.50)8.1(2.55)8.1(2.56)8.2(0.45)8.2(1)8.2(1.11)8.2(2)8.2(2.10)8.2(2.12)8.2(2.16)8.2(2.17)8.2(2.9)8.2(3)8.2(4)8.2(4.1)8.2(4.4)8.2(5)8.2(5.13)8.2(5.22)8.2(5.26)8.2(5.33)8.2(5.40)8.2(5.41)8.3(1)8.3(1.1)8.3(1.4)8.3(1.6)8.3(2)8.3(2.13)8.3(2.23)8.3(2.25)8.3(2.31)8.3(2.33)8.3(2.34)8.3(2.37)8.3(2.4)8.4(1)8.4(1.11)8.4(1.3)8.4(2)8.4(2.1)8.4(2.8)8.4(3)8.4(3.8)8.4(3.9)8.4(4)8.4(4.1)8.4(4.3)8.4(4.5)8.4(4.9)8.4(5)8.4(5.6)8.5(1)8.5(1.1)8.5(1.14)8.5(1.17)8.5(1.6)8.5(1.7)8.6(1)8.6(1.1)8.6(1.10)8.6(1.2)8.6(1.5)8.7(1)8.7(1.1)8.7(1.3)8.7(1.4)9.0(1)9.0(2)9.0(2.10)9.0(3)9.0(3.6)9.1(1)9.1(1.4)9.1(2)9.1(2.8)9.1(3)8.2(0.45)8.2(1)8.2(1.11)8.2(2)8.2(2.10)8.2(2.12)8.2(2.16)8.2(2.17)8.2(2.9)8.2(3)8.2(4)8.2(4.1)8.2(4.4)8.2(5)8.2(5.13)8.2(5.22)8.2(5.26)8.2(5.33)8.2(5.40)8.2(5.41)8.2(5.46)8.2(5.48)8.2(5.50)8.3(1)8.3(1.1)8.3(1.4)8.3(1.6)8.3(2)8.3(2.13)8.3(2.23)8.3(2.25)8.3(2.31)8.3(2.33)8.3(2.34)8.3(2.37)8.3(2.39)8.3(2.4)8.3(2.40)8.3(2.41)8.4(1)8.4(1.11)8.4(1.3)8.4(2)8.4(2.1)8.4(2.8)8.4(3)8.4(3.8)8.4(3.9)8.4(4)8.4(4.1)8.4(4.3)8.4(4.5)8.4(4.9)8.4(5)8.4(5.6)8.4(6)8.4(7)8.4(7.15)8.4(7.22)8.4(7.23)8.4(7.3)8.6(1)8.6(1.1)8.6(1.10)8.6(1.12)8.6(1.13)8.6(1.14)8.6(1.2)8.6(1.5)9.0(1)9.0(2)9.0(2.10)9.0(3)9.0(3.6)9.0(3.8)9.0(4)9.0(4.1)9.0(4.17)9.0(4.20)9.0(4.5)9.0(4.7)9.1(1)9.1(1.4)9.1(2)9.1(2.8)9.1(3)9.1(3.2)9.1(4)9.1(4.5)9.1(5)9.1(5.10)9.2(1)9.2(2)9.2(2.4)8.2(0.45)8.2(1)8.2(1.11)8.2(2)8.2(2.10)8.2(2.12)8.2(2.16)8.2(2.17)8.2(2.9)8.2(3)8.2(4)8.2(4.1)8.2(4.4)8.2(5)8.2(5.13)8.2(5.22)8.2(5.26)8.2(5.33)8.2(5.40)8.2(5.41)8.2(5.46)8.2(5.48)8.2(5.50)8.3(1)8.3(1.1)8.3(1.4)8.3(1.6)8.3(2)8.3(2.13)8.3(2.23)8.3(2.25)8.3(2.31)8.3(2.33)8.3(2.34)8.3(2.37)8.3(2.39)8.3(2.4)8.3(2.40)8.3(2.41)8.4(1)8.4(1.11)8.4(1.3)8.4(2)8.4(2.8)8.5(1)8.5(1.1)8.5(1.14)8.5(1.17)8.5(1.18)8.5(1.19)8.5(1.21)8.5(1.6)8.5(1.7)8.7(1)8.7(1.1)8.7(1.11)8.7(1.13)8.7(1.3)8.7(1.4)8.7(1.7)8.7(1.8)